man: LockPersonality= implies NoNewPrivileges=

author: Yu Watanabe <watanabe.yu+github@gmail.com> 2017-12-19 12:48:54 +0900
committer: Yu Watanabe <watanabe.yu+github@gmail.com> 2017-12-19 12:48:54 +0900
commit: 69b528832a8ee3606bf8f30164c681a0872f7a2a (patch)
tree: 26f93494f89e379776988db1ad4765a45126da35 /man/systemd.exec.xml
parent: bf0e0a4df2d41a5631811f7db6b6c1c866c3ed80 (diff)
download: systemd-69b528832a8ee3606bf8f30164c681a0872f7a2a.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index 3d81e45732..b0135e42fe 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -381,7 +381,8 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
         <varname>SystemCallArchitectures=</varname>, <varname>RestrictAddressFamilies=</varname>,
         <varname>RestrictNamespaces=</varname>, <varname>PrivateDevices=</varname>,
         <varname>ProtectKernelTunables=</varname>, <varname>ProtectKernelModules=</varname>,
-        <varname>MemoryDenyWriteExecute=</varname>, or <varname>RestrictRealtime=</varname> are specified. Also see
+        <varname>MemoryDenyWriteExecute=</varname>, <varname>RestrictRealtime=</varname>, or
+        <varname>LockPersonality=</varname> are specified. Also see
         <ulink url="https://www.kernel.org/doc/html/latest/userspace-api/no_new_privs.html">No New Privileges
         Flag</ulink>.  </para></listitem>
       </varlistentry>
author	Yu Watanabe <watanabe.yu+github@gmail.com>	2017-12-19 12:48:54 +0900
committer	Yu Watanabe <watanabe.yu+github@gmail.com>	2017-12-19 12:48:54 +0900
commit	69b528832a8ee3606bf8f30164c681a0872f7a2a (patch)
tree	26f93494f89e379776988db1ad4765a45126da35 /man/systemd.exec.xml
parent	bf0e0a4df2d41a5631811f7db6b6c1c866c3ed80 (diff)
download	systemd-69b528832a8ee3606bf8f30164c681a0872f7a2a.tar.gz